risk management

risk management - Risk management is activity directed...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Risk management is activity directed towards the assessing, mitigating (to an acceptable level) and monitoring of risks . In some cases the acceptable risk may be near zero. Risks can come from accidents, natural causes and disasters as well as deliberate attacks from an adversary. The main ISO standards on risk management include [1] & [2] In businesses, risk management entails organized activity to manage uncertainty and threats and involves people following procedures and using tools in order to ensure conformance with risk-management policies. Risk management is also used in the public sector to identify and mitigate risk to critical infrastructure. For the most part, these methodologies consist of the following elements, performed, more or less, in the following order. 1. identify assets and identify which are most critical 2. identify, characterize, and assess threats 3. assess the vulnerability of critical assets to specific threats 4. determine the risk (i.e. the expected consequences of specific types of attacks on specific assets) 5. identify ways to reduce those risks
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 3

risk management - Risk management is activity directed...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online